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- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to communication(s) filed on 26 September 2005 . 
2a)(3 This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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DETAILED ACTION 

Response to Amendment 

1 . This office action is in response to the applicants Amendment filed on September 26, 
2005. Applicant amended claims 4, 13, 18, and 21-23. Claims 1, 3-11, 13-16, 18, and 
20-23 are presented for further consideration and examination. 



Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1, 3-5, 7-11. 13-14, 16, 18, and 20-23 are rejected under 35 U.S.C. 1 03(a) as 
being unpatentable over Merchant et al. (US006775290B1), in view of Rijhsinghani et al. 
(US006526052B1), and further in view of Denning et al. (Location-Based Authentication: 
Grounding Cyberspace for Better Security; copy right 1996; pages 1-6). 



4. With regard to claims 1, 7, and 18 , Merchant discloses, 

• a processor that communicates with an access concentrator to receive a plurality 
of port identifiers assigned by the access concentrator wherein each port 
identifier is associated with a location-specific connection port that provides 
connection for one or more hosts, the processor further determines which of the 
location-specific connection ports are currently accessing the network-by 
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associating each of the received port identifiers with a location-specific 
connection port; and (Merchant, col.1, lines 39-49, 52-63; col.2, lines 48-57) 
Merchant teaches of "storing VLAN data indicating a plurality of VLAN identifiers 
corresponding to the multiple VLANs supported by the port" and determining the 
active connections by comparing "the VLAN identifier of a data packet received 
via the port . . . with the plurality of VLAN identifiers ... [of] the stored VLAN data" 
(Merchant, col.1, lines 54-59). Furthermore, Merchant discloses of "many VLAN 
implementations define VLAN membership by groups of switch ports. For 
example, ports 1, 2, 3, 7 and 8 on a switch make up VLAN A, while ports 4, 5,and 
6 make up VLAN B. Alternatively, VLAN membership may be based on MAC 
addresses" (Merchant, col.1 , lines 39-43). Hence, VLAN A is associated with 
specific switch ports 1, 2, 3, 7 and 8, which, in turn, are connected to specific 
machines located at specific locations. For example, machines of department C 
in a company, located on a certain floor, can all be connected to specific switch 
ports 1 , 2, and 3. Therefore, machines of department C are associated with 
VLAN A and are specifically located on a certain floor of a building. 
However, Merchant does not explicitly disclose, 

• port identifiers assigned by the access concentrator wherein each port identifier 
is associated with a location-specific connection port that provides connection for 
one or more hosts 

Rijhsinghani teaches, 

• port identifiers assigned by the access concentrator wherein each port identifier 
is associated with a location-specific connection port that provides connection for 
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one or more hosts (Rijhsinghani, col.7, line 63 - col. 8, line 5; col. 9, lines 37-58; 
fig.5) 

Rijhsinghani teaches of switches (270', 275', 280 7 ) that are capable of 
"[determining] the appropriate VLAN tag to add to the communication before 
transmission via the trunk port to the high speed LAN backbone or trunk 265"' 
(Rijhsinghani, col. 9, lines 39-42) and ultimately through the "trunk station 285 
[which] may, for example, be a network server or other network resource to 
which some or all of the members of LANs may require high speed access from 
time to time or on a continuous basis as is known in the art" (Rijhsinghani, col.7, 
line 63-col.8, line 1). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine the teachings of Rijhsinghani with the teachings 
of Merchant to "increase the flexibility of network switching ... [by] providing a 
network switch that enables each switch port to support connections with members 
of multiple VLANs" (Rijhsinghani, col.1, lines 45-49). In addition, Merchant mentions 
switches using VLAN and VLAN identifiers; and it is well known in the networking art 
that VLAN consists of groups of hosts that are on physically different segments but 
that communicate as though they were on the same wire by using VLAN identifiers. 
However, Merchant and Rijhsinghani do not explicitly disclose, 
• a database associated with the network gateway device that stores the location- 
specific connection ports for the purpose of identifying one or more hosts 
associated with the connection port that have been granted network 
authorization. 
Denning teaches, 
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• a database associated with the network gateway device that stores the location- 
specific connection ports for the purpose of identifying one or more hosts 
associated with the connection port that have been granted network 
authorization. (Denning, pg.2, para.2). 

Denning teaches of "[determining] whether a person is attempting to log in from 
an approved location, e.g., a user's office building or home" (Denning, pg.2, 
para.2, lines 3-4). Denning also suggests that using "the login location ...to 
identify the place of login as well as to authenticate it" (Denning, pg.2, para.2, 
lines 6-8). Both Merchant and Rijhsinghani include databases or tables for 
storing the VLAN data, which ultimately maps the VLAN identifier to the 
connecting VLAN port. 
Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine the teachings of Denning with the teachings of 
Merchant and Rijhsinghani to "increase the flexibility of network switching ... [by] 
providing a network switch that enables each switch port to support connections with 
members of multiple VLANs" (Rijhsinghani, col.1 , lines 45-49) and to use "the login 
location ...to identify the place of login as well as to authenticate it" (Denning, pg.2, 
para.2, lines 6-8). In addition, according to Denning, the "use of geodetic location 
can supplement or complement other methods of authentication" and that "its value 
added is a high level of assurance against intrusion from any unapproved location 
regardless of whether the other methods have been compromised" (Denning, pg.2, 
para. 6) 



5. With regard to claim 3 , Merchant, Rijhsinghani, and Denning disclose, 
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• wherein the processor uses VLAN protocol as a communication link between the 
processor and the access concentrator. (Merchant, col.1, lines 52-63; col.2, lines 
48-57; Rijhsinghani, col. 7, line 63 - col. 8, line 5; col.9, lines 37-58; fig. 5) 

6. With regard to claims 4-5 . Merchant, Rijhsinghani, and Denning disclose, 

• wherein the processor further comprises a querying agent capable of requesting 
transmission of the plurality of port identifiers from the associated access 
concentrator in response to receipt of data packets that fail to include location 
information. (Rijhsinghani, col. 7, line 49 - col.8, line 5; col. 8, lines 35-41; col.9, 
lines 31-46) 

• wherein the querying agent uses Simple Network Management Protocol (SNMP) 
as the communication link between the network device and the access 
concentrator. (Rijhsinghani, col. 7, line 49 - col.8, line 5; col.8, lines 35-41; col.9, 
lines 31-46) 

7. With regard to claims 8-11, 13 and 16 , Merchant, Rijhsinghani, and Denning disclose, 

• wherein identifying the location-specific, connection port of each of the hosts at 
an access concentrator further comprises tagging the data packets being sent 
from each host with one of a plurality of port identifiers at an access concentrator. 
(Merchant, col.1, lines 52-63; col.2, lines 48-57; Rijhsinghani, col. 7, line 63 - 
col.8, line 5; col.9, lines 24-30, lines 37-58; col. 10, lines 34-43; col.1 1, lines 5-10; 
fig.5) 

• wherein communicating the port identifier to a network gateway device further 
comprises transmitting tagged data packets to a network gateway device. 
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(Merchant, col.1, lines 52-63; col.2, lines 48-57; Rijhsinghani, col. 7, line 63 - 
col. 8, line 5; col.9, lines 24-30, lines 37-58; col. 10, lines 34-43; col. 11, lines 5-10; 
fig.5) 

• wherein tagging the data packets being sent from each host with one of a 
plurality of port identifiers further comprises tagging the data packets being sent 
from each host with one of a plurality of port identifiers that corresponds to a 
media access control (MAC) address. (Merchant, col.1, lines 38-42, lines 52-63; 
col.2, lines 48-57; Rijhsinghani, col. 7, line 63 - col.8, line 5; col.9, lines 24-30, 
lines 37-58; col.10, lines 34-43; col.1 1, lines 5-10; fig.5) 

• wherein tagging the data packets being sent from each host with one of a 
plurality of port identifiers includes implementing the use of VLAN protocol. 
(Merchant, col.1, lines 38-42, lines 52-63; col.2, lines 48-57; Rijhsinghani, col. 7, 
line 63 -col.8, line 5; col.9, lines 24-30, lines 37-58; col.10, lines 34-43; col.1 1, 
lines 5-10; fig.5) 

8. With regard to claim 14 , Merchant, Rijhsinghani, and Denning disclose, 

• wherein transmitting a port requesting query from the network gateway device 
further comprises transmitting a SNMP (Simple Network Management Protocol) 
query. (Rijhsinghani, col.7, line 49 - col.8, line 5; col.8, lines 35-41 ; col.9, lines 
31-46) 



9. 



With regard to claims 20 and 23 , Merchant, Rijhsinghani, and Denning disclose, 
• further comprising executing the network system application at the network 
gateway device. (Merchant, col.1, lines 52-63; col.2, lines 48-57; Rijhsinghani, 
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col. 7, line 63 - col.8, line 5; col. 9, lines 24-30, lines 37-58; col. 10, lines 34-43; 
col.11, lines 5-10; fig. 5) 
• wherein applying the results of the identification to a network system application 
further comprises applying the identified one or more of location-specific 
connection ports to determine port-specific information that will be communicated 
to a connection port (Merchant, col.1 , lines 38-42, lines 52-63; col.2, lines 48-57; 
Rijhsinghani, col.7, line 63 - col.8, line 5; col.9, lines 24-30, lines 37-58; col. 10, 
lines 34-43; col.1 1 , lines 5-10; fig. 5) 



10. Claims 6 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Merchant et al. (US006775290B1 ), in view of Rijhsinghani et al. (US006526052B1 ), 
further in view of Denning etal. (Location-Based Authentication: Grounding Cyberspace 
for Better Security; copy right 1996; pages 1-6), and further in view of Hunt et al. 
(US006539422B1). 



1 1 . With regard to claims 6 and 15, Merchant, Rijhsinghani, and Denning disclose, 
See claims 4 and 13 rejections as detailed above. 
However, Merchant, Rijhsinghani, and Denning do not explicitly disclose, 

• wherein the querying agent uses Extensible Markup Language (XML) as the 
communication between the network device and the access concentrator. 

Hunt teaches, 

• wherein the querying agent uses Extensible Markup Language (XML) as the 
communication between the network device and the access concentrator. (Hunt, 
abstract, lines 9-14; col.15, lines 39-43; module 231, fig.2). 
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Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine the teachings of Hunt with the teachings of 
Merchant, Rijhsinghani, and Denning to "increase the flexibility of network switching 
. . . [by] providing a network switch that enables each switch port to support 
connections with members of multiple VLANs" (Rijhsinghani, col.1, lines 45-49) and 
to use "the login location ...to identify the place of login as well as to authenticate it" 
(Denning, pg.2, para.2, lines 6-8). In addition, according to Denning, the "use of 
geodetic location can supplement or complement other methods of authentication" 
and that "its value added is a high level of assurance against intrusion from any 
unapproved location regardless of whether the other methods have been 
compromised" (Denning, pg.2, para.6) 



12. Claims 21-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over Merchant 
et al. (US006775290B1 ), in view of Rijhsinghani et al. (US006526052B1 ), in view of 
Denning et al. (Location-Based Authentication: Grounding Cyberspace for Better 
Security; copy right 1996; pages 1-6), and further in view of Hernandez et al. 
(US006208977B1). 



13. With regard to claims 21-22, Merchant, Rijhsinghani, and Denning disclose, 
See claim 18 rejections as detailed above. 

However, Merchant, Rijhsinghani, and Denning do not explicitly disclose, 
• wherein applying results of the identification to a network system application 
further comprises applying the identified one or more location-specific connection 
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ports to a network billing application that provides bills subscribers based on 
location. 

• wherein applying the results of the identification to a network system application 
further comprises applying the identified one or more location-specific connection 
ports to an authorization application that provides authorization to network 
subscribers based on location. 

Hernandez teaches, 

• wherein applying results of the identification to a network system application 
further comprises applying the identified one or more location-specific connection 
ports to a network billing application that provides bills subscribers based on 
location. (Hernandez, col. 5, lines 24-42; col.11, lines 18-41) 

• wherein applying the results of the identification to a network system application 
further comprises applying the identified one or more location-specific connection 
ports to an authorization application that provides authorization to network 
subscribers based on location. (Hernandez, col. 5, lines 24-42; col.11, lines 18- 
41) 

Therefore, it would have been obvious to one of ordinary skill in the art at the time of 
the invention was made to combine the teachings of Hernandez with the teachings of 
Merchant, Rijhsinghani, and Denning to produces billing information based on the 
location. 



14. 



Response to Arguments 

Applicant's arguments with respect to 1, 3-11, 13-16, 18, and 20-23 have been 
considered but they are not persuasive. 
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1 5. With regard to claims 1. 3-5, 7-11, 13-14. 16, 18. and 20-23 . the Applicants point out 
that: 

• To the contrary, the cited references fail to teach or suggest a processor that 
communicates with an access concentrator to receive a plurality of port identifiers 
assigned by the access concentrator wherein each port identifier is associated 
with a location-specific connection port as claimed in independent claim 1. 
However, the Examiner finds that the Applicants' arguments are not persuasive 
because Merchant teaches of "storing VLAN data indicating a plurality of VLAN 
identifiers corresponding to the multiple VLANs supported by the port" and 
determining the active connections by comparing "the VLAN identifier of a data 
packet received via the port . . . with the plurality of VLAN identifiers . . . [of] the stored 
VLAN data" (Merchant, col.1, lines 54-59). Furthermore, Merchant discloses of 
"many VLAN implementations define VLAN membership by groups of switch ports. 
For example, ports 1, 2, 3, 7 and 8 on a switch make up VLAN A, while ports 4, 
5,and 6 make up VLAN B. Alternatively, VLAN membership may be based on MAC 
addresses" (Merchant, col.1 , lines 39-43). Hence, VLAN A is associated with 
specific switch ports 1, 2, 3, 7 and 8, which, in turn, are connected to specific 
machines located at specific locations. For example, machines of department C in a 
company, located on a certain floor, can all be connected to specific switch ports 1, 
2, and 3. Therefore, machines of department C are associated with VLAN A and are 
specifically located on a certain floor of a building. 
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Therefore, the Applicants still failed to clearly disclose the novelty of the invention 
and identify specific limitation, which would define patentable distinction over prior 
art. 



1 6. With regard to claims 4-6, 13-16, and 21 , the Applicants point out that: 

• Claim 4 has been amended to recite, inter alia, a querying agent capable of 
requesting transmission of the plurality of port identifiers from the associated 
access concentrator in response to receipt of data packets that fail to include 
location information. None of the cited references, in general, or the cited 
passages of those references, in particular, teach or suggest a querying agent 
capable of requesting transmission of the plurality of port identifiers from the 
associated access concentrator in response to receipt of data packets that fail to 
include location information as claimed in claim 4. 
However, the Examiner finds that the Applicants' arguments are not persuasive 
because, in a VLAN enabled networking environment, it is possible to configure the 
environment so that a data packet with no identifier will be discarded. Hence, there 
is no need to request transmission of the port identifiers for a packet, which includes 
no information. 

Therefore, the Applicants still failed to clearly disclose the novelty of the invention 
and identify specific limitation, which would define patentable distinction over prior 
art. 



17. 



With regard to claims 6 and 15 , the Applicants point out that: 
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• As stated above, Merchant, Rijhsinghani and Denning fail, individually and in 
combination, to teach or suggest a location-specific connection port as claimed in 
independent claims 1 and 7 
However, the Examiner finds that the Applicants' arguments are not persuasive 
because Merchant teaches of "storing VLAN data indicating a plurality of VLAN 
identifiers corresponding to the multiple VLANs supported by the port" and 
determining the active connections by comparing "the VLAN identifier of a data 
packet received via the port . . . with the plurality of VLAN identifiers ... [of] the stored 
VLAN data" (Merchant, col.1 , lines 54-59). Furthermore, Merchant discloses of 
"many VLAN implementations define VLAN membership by groups of switch ports. 
For example, ports 1, 2, 3, 7 and 8 on a switch make up VLAN A, while ports 4, 
5,and 6 make up VLAN B. Alternatively, VLAN membership may be based on MAC 
addresses" (Merchant, col. 1 , lines 39-43). Hence, VLAN A is associated with 
specific switch ports 1, 2, 3, 7 and 8, which, in turn, are connected to specific 
machines located at specific locations. For example, machines of department C in a 
company, located on a certain floor, can all be connected to specific switch ports 1 , 
2, and 3. Therefore, machines of department C are associated with VLAN A and are 
specifically located on a certain floor of a building. 

Therefore, the Applicants still failed to clearly disclose the novelty of the invention 
and identify specific limitation, which would define patentable distinction over prior 
art. 
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Conclusion 



18. Applicants amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 
A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of the 
advisory action. In no event, however, will the statutory period for reply expire later than 
SIX MONTHS from the date of this final action. 

19. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Thomas Duong whose telephone number is 571/272-391 1 . The 
examiner can normally be reached on M-F 7:30AM - 4:00PM. If attempts to reach the 
examiner by telephone are unsuccessful, the examiner's supervisor, Jason D. Cardone 
can be reached on 571/272-3933. The fax phone numbers for the organization where 
this application or proceeding is assigned are 571/273-8300 for regular communications 
and 571/273-8300 for After Final communications. 



Thomas Duong (AU2145) 




December 8, 2005 



Supervisory PE (AU2145) 



